Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Kp_ab0MNZuxPMnx0W4zBsayrOO8.roa
File:                     Kp_ab0MNZuxPMnx0W4zBsayrOO8.roa (raw, json)
Hash identifier:          MT2x5bAnpIhzQ0rbP5XlVzrglxWSMXoxK8mXCqIr29o=
Subject key identifier:   2A:9F:DA:6F:43:0D:66:EC:4F:32:7C:74:5B:8C:C1:B1:AC:AB:38:EF
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018B6503E67E0275DE409F0988A3DADEF0F5
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Kp_ab0MNZuxPMnx0W4zBsayrOO8.roa
Signing time:             Wed 25 Oct 2023 04:07:16 +0000
ROA not before:           Wed 25 Oct 2023 04:07:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15731
IP address blocks:        194.87.1.0/24 maxlen: 24
                          193.124.16.0/24 maxlen: 24
                          194.87.11.0/24 maxlen: 24
                          194.87.12.0/24 maxlen: 24
                          194.87.21.0/24 maxlen: 24
                          194.87.18.0/24 maxlen: 24
                          212.192.214.0/24 maxlen: 24
                          195.58.35.0/24 maxlen: 24
                          194.58.47.0/24 maxlen: 24
                          195.58.58.0/24 maxlen: 24
                          195.58.58.0/23 maxlen: 23
                          195.58.63.0/24 maxlen: 24
                          195.58.62.0/23 maxlen: 23
                          194.87.104.0/24 maxlen: 24
                          194.87.108.0/24 maxlen: 24
                          194.87.114.0/23 maxlen: 23
                          194.87.122.0/24 maxlen: 24
                          194.87.124.0/24 maxlen: 24
                          193.124.133.0/24 maxlen: 24
                          194.87.131.0/24 maxlen: 24
                          195.133.0.0/24 maxlen: 24
                          194.87.134.0/23 maxlen: 23
                          194.87.133.0/24 maxlen: 24
                          195.133.6.0/24 maxlen: 24
                          195.133.7.0/24 maxlen: 24
                          194.87.40.0/24 maxlen: 24
                          194.87.56.0/24 maxlen: 24
                          194.58.154.0/24 maxlen: 24
                          193.124.80.0/24 maxlen: 24
                          194.87.73.0/24 maxlen: 24
                          194.87.83.0/24 maxlen: 24
                          194.87.200.0/24 maxlen: 24
                          195.133.73.0/24 maxlen: 24
                          195.133.85.0/24 maxlen: 24
                          195.133.84.0/23 maxlen: 23
                          194.87.222.0/24 maxlen: 24
                          194.87.220.0/24 maxlen: 24
                          194.87.151.0/24 maxlen: 24
                          192.124.178.0/24 maxlen: 24
                          195.133.30.0/24 maxlen: 24
                          194.87.168.0/24 maxlen: 24
                          192.124.181.0/24 maxlen: 24
                          194.87.179.0/24 maxlen: 24
                          192.124.189.0/24 maxlen: 24
                          195.133.40.0/23 maxlen: 23
                          194.87.190.0/24 maxlen: 24
                          193.124.200.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:65:03:e6:7e:02:75:de:40:9f:09:88:a3:da:de:f0:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Oct 25 04:07:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2a9fda6f430d66ec4f327c745b8cc1b1acab38ef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:bd:e0:66:db:b8:d7:01:69:dd:5e:fb:9f:e7:
                    32:bb:4e:1f:e3:6c:31:12:ce:6f:a7:fb:4b:58:84:
                    5b:8c:af:8d:a2:dd:bd:f5:89:61:93:2b:06:28:a5:
                    79:fa:da:ce:5a:ad:df:38:5f:af:fc:7b:42:83:c3:
                    e5:99:40:90:57:5f:b3:fc:0a:b1:84:57:54:e9:47:
                    78:aa:05:42:97:b7:c9:d3:88:58:99:95:63:56:b5:
                    b0:f1:90:53:d8:b5:a5:93:c0:1f:7f:43:16:dd:4a:
                    18:21:09:6f:65:1b:93:06:8f:3c:53:ea:3f:67:6d:
                    83:44:3c:ea:1c:54:42:fc:90:d1:2d:fe:dd:0a:0a:
                    78:be:c5:7d:01:ff:b5:cd:b1:e1:04:f4:59:55:7d:
                    6a:27:7b:b6:38:49:e5:db:bd:d9:0a:fb:4b:6f:2d:
                    60:d9:5f:98:48:05:d9:10:04:a2:80:d9:96:40:50:
                    87:ac:78:83:a0:6e:1b:bb:c4:a2:e9:e8:3f:61:c2:
                    af:35:56:4a:7f:3f:ca:94:20:0d:79:7b:6f:b6:9f:
                    5c:2b:3c:45:24:95:1a:ad:7c:bc:82:54:31:e1:e7:
                    3f:9e:8b:de:e5:7d:dd:5d:63:e5:68:eb:64:62:46:
                    c0:ca:70:0a:33:68:df:c0:58:22:2e:7e:7a:2f:64:
                    1d:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:9F:DA:6F:43:0D:66:EC:4F:32:7C:74:5B:8C:C1:B1:AC:AB:38:EF
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Kp_ab0MNZuxPMnx0W4zBsayrOO8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.124.178.0/24
                  192.124.181.0/24
                  192.124.189.0/24
                  193.124.16.0/24
                  193.124.80.0/24
                  193.124.133.0/24
                  193.124.200.0/24
                  194.58.47.0/24
                  194.58.154.0/24
                  194.87.1.0/24
                  194.87.11.0-194.87.12.255
                  194.87.18.0/24
                  194.87.21.0/24
                  194.87.40.0/24
                  194.87.56.0/24
                  194.87.73.0/24
                  194.87.83.0/24
                  194.87.104.0/24
                  194.87.108.0/24
                  194.87.114.0/23
                  194.87.122.0/24
                  194.87.124.0/24
                  194.87.131.0/24
                  194.87.133.0-194.87.135.255
                  194.87.151.0/24
                  194.87.168.0/24
                  194.87.179.0/24
                  194.87.190.0/24
                  194.87.200.0/24
                  194.87.220.0/24
                  194.87.222.0/24
                  195.58.35.0/24
                  195.58.58.0/23
                  195.58.62.0/23
                  195.133.0.0/24
                  195.133.6.0/23
                  195.133.30.0/24
                  195.133.40.0/23
                  195.133.73.0/24
                  195.133.84.0/23
                  212.192.214.0/24

    Signature Algorithm: sha256WithRSAEncryption
         86:bd:ab:43:c0:5e:bc:0d:85:a8:2b:00:29:22:d6:05:fc:2f:
         dc:f9:89:a6:09:2d:89:64:3f:0e:11:25:ab:7f:43:e4:33:d9:
         df:a8:df:5c:db:57:cc:26:42:4c:dc:3b:69:04:ff:5a:e3:9f:
         82:7e:d4:74:ac:f7:50:79:9a:5e:4a:1e:23:6c:93:41:e3:cc:
         37:47:10:3b:75:3b:83:29:d0:04:1f:db:77:4a:d5:d2:c9:0e:
         ac:2e:03:08:54:0e:f8:87:a6:4f:56:ec:1e:6c:43:ed:41:05:
         1e:42:61:09:0c:8e:69:e2:6c:13:90:2d:7b:75:88:56:69:30:
         b2:75:a1:87:fe:60:3b:a2:bf:9b:24:e2:87:a0:b6:c5:ef:4a:
         96:31:f0:68:f4:74:77:72:e2:95:22:52:9d:ad:5a:68:f5:a1:
         fc:7f:de:85:a2:29:8b:28:da:3c:00:2c:28:74:b2:7a:76:51:
         04:f8:01:f0:7c:51:fd:14:7e:9f:d1:32:c6:6b:09:d0:63:3c:
         9f:1f:9d:91:e8:33:cc:e3:ca:59:b8:c6:f9:23:64:0e:a1:4b:
         58:72:b7:6c:26:e4:dc:60:6d:48:03:fa:4c:ed:3c:0b:9d:86:
         be:a5:91:42:cd:54:4e:ab:c8:f1:7e:b8:ee:ff:50:4b:cb:04:
         01:f4:95:92
-----BEGIN CERTIFICATE-----
MIIGBzCCBO+gAwIBAgISAYtlA+Z+AnXeQJ8JiKPa3vD1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDI1MDQwNzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTlmZGE2ZjQzMGQ2NmVjNGYzMjdjNzQ1YjhjYzFiMWFjYWIzOGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnr3gZtu41wFp3V77n+cyu04f42wx
Es5vp/tLWIRbjK+Not299YlhkysGKKV5+trOWq3fOF+v/HtCg8PlmUCQV1+z/Aqx
hFdU6Ud4qgVCl7fJ04hYmZVjVrWw8ZBT2LWlk8Aff0MW3UoYIQlvZRuTBo88U+o/
Z22DRDzqHFRC/JDRLf7dCgp4vsV9Af+1zbHhBPRZVX1qJ3u2OEnl273ZCvtLby1g
2V+YSAXZEASigNmWQFCHrHiDoG4bu8Si6eg/YcKvNVZKfz/KlCANeXtvtp9cKzxF
JJUarXy8glQx4ec/nove5X3dXWPlaOtkYkbAynAKM2jfwFgiLn56L2QdHQIDAQAB
o4IDEzCCAw8wHQYDVR0OBBYEFCqf2m9DDWbsTzJ8dFuMwbGsqzjvMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvS3BfYWIwTU5adXhQTW54MFc0ekJzYXlyT084LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJwYIKwYBBQUHAQcBAf8EggEWMIIBEjCCAQ4EAgABMIIB
BgMEAMB8sgMEAMB8tQMEAMB8vQMEAMF8EAMEAMF8UAMEAMF8hQMEAMF8yAMEAMI6
LwMEAMI6mgMEAMJXATAMAwQAwlcLAwQAwlcMAwQAwlcSAwQAwlcVAwQAwlcoAwQA
wlc4AwQAwldJAwQAwldTAwQAwldoAwQAwldsAwQBwldyAwQAwld6AwQAwld8AwQA
wleDMAwDBADCV4UDBAPCV4ADBADCV5cDBADCV6gDBADCV7MDBADCV74DBADCV8gD
BADCV9wDBADCV94DBADDOiMDBAHDOjoDBAHDOj4DBADDhQADBAHDhQYDBADDhR4D
BAHDhSgDBADDhUkDBAHDhVQDBADUwNYwDQYJKoZIhvcNAQELBQADggEBAIa9q0PA
XrwNhagrACki1gX8L9z5iaYJLYlkPw4RJat/Q+Qz2d+o31zbV8wmQkzcO2kE/1rj
n4J+1HSs91B5ml5KHiNsk0HjzDdHEDt1O4Mp0AQf23dK1dLJDqwuAwhUDviHpk9W
7B5sQ+1BBR5CYQkMjmnibBOQLXt1iFZpMLJ1oYf+YDuiv5sk4oegtsXvSpYx8Gj0
dHdy4pUiUp2tWmj1ofx/3oWiKYso2jwALCh0snp2UQT4AfB8Uf0Ufp/RMsZrCdBj
PJ8fnZHoM8zjylm4xvkjZA6hS1hyt2wm5NxgbUgD+kztPAudhr6lkULNVE6ryPF+
uO7/UEvLBAH0lZI=
-----END CERTIFICATE-----
Generated at Fri Oct 27 06:51:22 2023 by rpki-client on console-ams.rpki-client.org